Merge branch 'master' into friends

Author: silviaarellanogarcia

.github/workflows/docker.yml

@@ -0,0 +1,36 @@
+name: DockerHub CI
+
+on:
+  workflow_run:
+    workflows: [ "Django CI" ]
+    branches: [ master ]
+    types: [completed]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: ./Dockerfile
+          builder: ${{ steps.buildx.outputs.name }}
+          push: true
+          tags: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.DOCKER_HUB_REPO }}:latest
+          cache-from: type=registry,ref=${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.DOCKER_HUB_REPO }}:buildcache
+          cache-to: type=registry,ref=${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.DOCKER_HUB_REPO }}:buildcache,mode=max

.gitignore

@@ -6,6 +6,10 @@ env/
 .idea
 __pycache__/
 .DS_Store
+staticfiles/
 
 /files/*
 !files/.keep
+
+/db/*
+!db/.keep

DEV.md

@@ -1,8 +1,51 @@
 # Documentation
-## Forms
+## BootstrapFormMixin
+BootstrapFormMixin is a class that allows an easy way to render any form type.
+
+At the start of the class you will need to override the `bootstrap_field_info` where all the render information is stored.
+```python
+bootstrap_field_info = {'TITLE': {
+    'fields': [{'name': 'FIELD_NAME', 'space': GRID_NUMBER, 'visible': VALUE_DICT},], 
+    'description': 'DESCRIPTION'},}
+```
+In this example the TITLE will be the h2 text of the formset that will contain all the fields on the array.
+The description is an optional text to be displayed after the TITLE.
+The FIELD_NAME will be the names of the fields of your form, this is required.
+GRID_NUMBER will be the grid (1-12) space that will fill your field in the Bootstrap row, if omitted the space will be 0.
+Lastly, the VALUE_DICT refers to a dictionary that will tell your field when can be visible, if omitted the field will always be visible.
+IMPORTANT: if you miss a field on the `bootstrap_field_info` it will set to not required.
+
+An important feature of this form, is the use of the TypeHead lib for autocomplete CharFields, so the user has already some possible answers.
+This can be done by adding the `api_fields` .
+This information is stored in the `api_fields` to the Meta class inside your form, where the API url is required. Other optional fields are `restrict` and 
+`others` field to restrict the options of the field or add the Others option. For example, in this application, 
+it has been used to list all the possible countries and avoid custom answers.
+
+```python
+class Meta(ApplicationForm.Meta):
+    api_fields = {
+        'country': {'url': static('data/countries.json'), 'restrict': True, 'others': True},
+        'university': {'url': static('data/universities.json')},
+        'degree': {'url': static('data/degrees.json')},
+    }
+```
+
+### Methods
+
+#### get_bootstrap_field_info
+
+If you want to dynamically change the `bootstrap_field_info` you can override this method.
+It's important to not remove the initial call `super` to get a COPY of the `bootstrap_field_info` otherwise you will be overriding the full variable.
+You will also need to be cautious with `ModelForm` and understanding how forms work.
+
+#### set_read_only
+
+This method is in order to make the form not editable. Keep in mind that you will need to disable the POST method on your view for this condition.
+
+## Application Forms
 Despite having different types of application, all of them are based in a common structure, defined in the 
 `ApplicationForm` class. Then, for each type (hacker, volunteer, mentor and sponsor) specific parameters are 
-added.
+added. This class inherits the `BootstrapFormMixin`, so all the features of it are available.
 
 Each class starts with `bootstrap_field_info`, where all the fields of the form that have to be rendered are described.
 First, it indicates the part of the form which will be modified (e.g. Personal Info, Hackathons,...). Then, each field 
@@ -18,7 +61,7 @@ be shown(e.g. when diet is "Other", the applicant should specify their case.)
 
 If the information that contains the field was previously specified (e.g. diet, gender), it won't require additional 
 methods. However, if a new one is introduced (e.g. `under_age` in `HackerForm`), the corresponding class will include a 
-method defining the type of answer, if it's required, it's possible choices (which sometimes may be defined as constants 
+method defining the type of answer, if it's required, its possible choices (which sometimes may be defined as constants 
 at the beginning of the file) and the default value amongst others.
 
 ```python
@@ -35,23 +78,29 @@ The method `exclude_save` is used to not store the information of the specified
 have to be accepted in order to participate in the event. Therefore, once the application is submitted, this field will
 always be `True`, so it's not necessary to consider that information anymore.
 
-The `Meta` class is useful to link a json file to a specific field, so the user has already some possible answers.
-This information is stored in the `api_fields` where the API url is required. Other optional fields are `restrict` and 
-`others` field to restrict the options of the field or add the Others option. For example, in this application, 
-it has been used to list all the possible countries and avoid custom answers.
-
-```python
-class Meta(ApplicationForm.Meta):
-    api_fields = {
-        'country': {'url': static('data/countries.json'), 'restrict': True, 'others': True},
-        'university': {'url': static('data/universities.json')},
-        'degree': {'url': static('data/degrees.json')},
-    }
-```
-
 It's important to notice that all the text that will be printed out is surrounded by a low bash and parentheses. In 
 future versions, this will allow to translate the displayed text in an easy way.
 
 ```python
 label = _('How old are you?')
 ```
+
+## TabsViewMixin
+
+This is a simple Mixin to display Tab navigation on your TemplateView or any View class that inherits this class.
+The navigation tabs are the navigation that is displayed on top of your template container.
+
+### Methods
+
+#### get_current_tabs
+This method is meant to be overridden and return an array to be with tuples. The first element of the tuple will be the text of the tab and the second will be the url, those 2 are mandatory.
+The 3rd is and optional variable that can be set to None to be omitted and displays a warning symbol.
+Finally, the 4th variable is to set the tab to active with a boolean, if None or unset the tab will be active if the path equals the url.
+Data can be passed to the method with the `get_context_data` kwargs at the super of your view.
+
+#### get_back_url
+Method that returns the url that will be updated to the context with the name `back`.
+
+## PermissionRequiredMixin
+This Mixin is mean to inherit any type of View class and expands the base [Django PermissionRequiredMixin](https://docs.djangoproject.com/en/4.1/topics/auth/default/#the-permissionrequiredmixin-mixin) class.
+The new functionality is that you can put a dictionary on the `permission_required` in order to change the permissions between the HTTP method: GET, POST, etc.

Dockerfile

@@ -0,0 +1,12 @@
+FROM python:3.9.13
+RUN apt-get update
+RUN apt-get install -y cron && touch /var/log/cron.log
+RUN pip install --upgrade pip
+WORKDIR /code
+
+COPY requirements.txt /code/
+RUN pip3 install -r requirements.txt && pip install gunicorn
+
+COPY . /code/
+
+CMD ["sh", "./run.sh"]

README.md

@@ -11,6 +11,7 @@
 - Email sign up ✉️
 - Email verification 📨
 - Forgot password 🤔
+- Ip block on failed login tries & ip blocklist ✋ (Optional)
 - Dark mode 🌚 🌝 Light mode (Optional)
 
 ## Development

app/hackathon_variables.py

@@ -1,5 +1,5 @@
 HACKATHON_NAME = 'HackUPC'
-HACKATHON_DESCRIPTION = 'Join us for BarcelonaTech\'s hackathon. 36h. 29th April - 1st May.'
+HACKATHON_DESCRIPTION = 'Join us for BarcelonaTech\'s hackathon. 36h.'
 HACKATHON_ORG = 'Hackers@UPC'
 
 HACKATHON_CONTACT_EMAIL = '[email protected]'
@@ -16,6 +16,9 @@
 REGEX_HACKATHON_ORGANIZER_EMAIL = "^.*@hackupc\.com$"
 HACKATHON_ORGANIZER_EMAILS = []
 APP_NAME = 'MyHackUPC'
-APP_EMAIL = ''
+APP_EMAIL = 'MyHackUPC <[email protected]>'
+
+# (OPTIONAL) Send 500 errors to email while on production mode
+HACKATHON_DEV_EMAILS = ['[email protected]', ]
 
 SUPPORTED_RESUME_EXTENSIONS = ['.pdf']

app/log.py

@@ -0,0 +1,52 @@
+import logging
+from copy import copy
+
+from django.core.mail import EmailMultiAlternatives
+from django.views.debug import ExceptionReporter
+
+from app import settings
+
+
+class HackathonDevEmailHandler(logging.Handler):
+    """An exception log handler that emails log entries to site hackathon devs.
+
+    If the request is passed as the first argument to the log record,
+    request data will be provided in the email report.
+    This is replicated from Django log to use the default backend properly.
+
+    See: https://docs.djangoproject.com/en/1.11/howto/error-reporting/
+    """
+
+    def emit(self, record):
+
+        try:
+            request = record.request
+        except Exception:
+            request = None
+
+        subject = '%s: %s' % (
+            record.levelname,
+            record.getMessage()
+        )
+        subject = subject.replace('\n', '\\n').replace('\r', '\\r')
+
+        # Since we add a nicely formatted traceback on our own, create a copy
+        # of the log record without the exception data.
+        no_exc_record = copy(record)
+        no_exc_record.exc_info = None
+        no_exc_record.exc_text = None
+
+        if record.exc_info:
+            exc_info = record.exc_info
+        else:
+            exc_info = (None, record.getMessage(), None)
+        if settings.HACKATHON_DEV_EMAILS:
+            reporter = ExceptionReporter(request, is_email=True, *exc_info)
+            message = "%s\n\n%s" % (self.format(no_exc_record), reporter.get_traceback_text())
+            html_message = reporter.get_traceback_html()
+            msg = EmailMultiAlternatives(subject,
+                                         message,
+                                         'server@' + settings.HACKATHON_DOMAIN,
+                                         settings.HACKATHON_DEV_EMAILS)
+            msg.attach_alternative(html_message, 'text/html')
+            msg.send(fail_silently=True)

app/mixins.py

@@ -1,21 +1,22 @@
 import copy
 
 from django import forms
+from django.contrib.auth.mixins import PermissionRequiredMixin as OverridePermissionRequiredMixin
 from django.forms import model_to_dict
 from django.utils.safestring import mark_safe
 from django.utils.translation import gettext_lazy as _
 
 
 class TabsViewMixin:
-    def get_current_tabs(self):
+    def get_current_tabs(self, **kwargs):
         return []
 
     def get_back_url(self):
         return None
 
     def get_context_data(self, **kwargs):
         context = super(TabsViewMixin, self).get_context_data(**kwargs)
-        tabs = self.get_current_tabs()
+        tabs = self.get_current_tabs(**kwargs)
         new_tabs = []
         for tab in tabs:
             new_tab = {'title': tab[0], 'url': tab[1], 'needs_action': tab[2] if len(tab) > 2 else None,
@@ -112,3 +113,13 @@ def get_fields(self):
                     del visible[field['field'].auto_id]
             list_fields['visible'] = visible
         return result
+
+
+class PermissionRequiredMixin(OverridePermissionRequiredMixin):
+    def get_permission_required(self):
+        permissions = super().get_permission_required()
+        if isinstance(permissions, dict):
+            permissions = permissions.get(self.request.method, [])
+            if isinstance(permissions, str):
+                permissions = [permissions, ]
+        return permissions